FLoC and UID2 cookie alternatives are good for advertisers and publishers but not consumers

Proposed alternatives like Google's FLoC and The Trade Desk's UID2 aren't good for individual consumer privacy.

Flock of sheep

Google plans to drop support for third-party cookies from its browser this year. To replace the tracking tools, Google has been working on the Federated Learning of Cohorts (FLoC) and other tools that anonymize and group individual searcher data within “cohorts” of browser users with similar interests.

In an alternate move, ad tech companies want to move away from cookies and track individual movements across publications with email logins. Last week, the Electronic Frontier Foundation (EFF) wrote an article analyzing the plans of advertising companies to implement Unified Identifier 2.0 (UID2), a new advertising tracker proposed by The Trade Desk, after cookies have been deprecated. 

According to the EFF and the UID2 GitHub documentation, the UID2 would put publishers in cahoots with advertisers to collect, share, gather browsing information, and advertise to individuals via email addresses. The whole premise is that publishers should require readers to identify themselves by logging in to the publication. The publishers then hand off the login information (email address) and browsing data to the advertiser, who will then use the information to build a profile about the reader.

The aim of UID2 is to build more personalized profiles of individual users to better understand their browsing, reading, and purchasing preferences. 

The UID2’s guiding principles speak to the kinds of information that advertisers have grown used to using, and what they’d rather not give up.

Guiding Principles according to the UID2 documentation

Independently Governed: UID2 will be governed by unbiased third-party organizations, with the transition from The Trade Desk anticipated mid-2021.

First-Party Relationships: UID2 allows advertisers to easily activate their first-party data on publishers across the open internet.

Nonproprietary: UID2 is accessible to all constituents in the advertising ecosystem who abide by the code of conduct, and no individual company controls access. This includes DSPs, SSPs, data providers, measurement providers, and identity services. Open Source: UID2 code will be transparent via an open-source framework.

Interoperable: UID2 allows other identity solutions to integrate and provide UID2s with their offering.

Secure and Privacy-Safe: UID2 leverages multiple layers of security, cryptography, and encryption to secure user data.

Transparency and Control: Users understand where their ID is shared and what data is associated with it. Users have control to revoke their consent and permissions.

The questions this proposal bring up abound:

  1. Who are these unbiased third-party organizations that will be in charge of the data?
  2. Who governs those third-party organizations?
  3. Will The Trade Desk retain any consumer information when the handover takes place?
  4. “UID2 is accessible to all constituents…who abide by the code of conduct” but what about the data that is accessed by those who don’t abide by the code of conduct? What stops them from downloading the data first and not abiding later?
  5. If this is an open ecosystem, what good is encryption going to have for user data?

These are in addition to the valid questions EFF raises in their article:

  1. “Who will act as an “administrator” in the system? Will there be one or many, and how will this impact competition on the Internet? 
  2. Who will act as an “operator?” Outside of operators, who will the “members” of the system be? What responsibilities towards user data will these actors have?
  3. Who will have access to raw UID2 identifiers? The draft specification implies that publishers will only see encrypted tokens, but most advertisers and data brokers will see raw, stable identifiers.”

The advertisers didn’t stop to think if they should

The UID2 documentation begins with a call to action, supposedly geared toward consumers:

Addressable advertising enables publishers and developers to provide the content and services consumers have come to enjoy, whether through mobile apps, streaming TV, or web experiences.

UID2 documentation introduction on GitHub

This is consumer-value-added marketing speak at its finest. Do customers really enjoy the “content and services” that UID2 is promising? What it’s promising is often-creepy advertising that follows people around the internet. We wonder if Alexa or Siri are listening in on our private conversations or reading our text messages.

Saying that consumers want this hyper-personalization is reductive. Consumers are smart enough to complete a browser search to find the products they need. They’re smart enough to ask their smart speakers, or their digital assistants when they don’t remember song lyrics.

The problem that the deprecation of third-party cookies will address—the loss of consumer privacy and the potential for bad actors to have way too much information about any single person because of their browsing history and location data—is not addressed by FLoC or UID2.

These options are presented by advertisers, browsers, and publishers, who have monetary reasons to support initiatives that don’t protect individual privacy. 

Consumers need to be protected. They need to have the freedom to not think about whether they are a data product. That is what these data initiatives are missing: the consumer-first value that has nothing to do with a marketer’s spin.

Related News

Tamara Scott is a writer and content strategist based in Nashville. With a background in English education, she plans and writes clear, instructive content for marketers and technology users of all skill levels. Follow @t_scottie